Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
vxworks ftpd buffer overflow Denial of Service
Information
Severity
Severity
High
Family
Family
Denial of Service
CVSSv2 Base
CVSSv2 Base
7.5
CVSSv2 Vector
CVSSv2 Vector
AV:N/AC:L/Au:N/C:P/I:P/A:P
Solution Type
Solution Type
Vendor Patch
Created
Created
18 years ago
Modified
Modified
5 years ago
Summary
It was possible to make the remote host crash by issuing this FTP command : CEL aaaa(...)aaaa This problem is similar to the 'aix ftpd' overflow but on embedded vxworks based systems like the 3com nbx IP phone call manager and seems to cause the server to crash.
Affected Software
Affected Software
This affects VxWorks ftpd versions 5.4 and 5.4.2.
Solution
Solution
If you are using an embedded vxworks product, please contact the OEM vendor and reference WindRiver field patch TSR 296292. If this is the 3com NBX IP Phone call manager, contact 3com.